From 95cb14e1ecb96fc1d186be5eb98febde3c0b0835 Mon Sep 17 00:00:00 2001 From: Bastian Blank Date: Fri, 3 Feb 2017 18:52:29 +0100 Subject: [PATCH] Extract default rsyncd module parameter --- modules/roles/files/dakmaster/rsyncd.conf | 18 +++++------------- modules/roles/files/ports_master/rsyncd.conf | 12 +++++------- .../roles/files/security_master/rsyncd.conf | 15 +++++---------- .../roles/files/security_mirror/rsyncd.conf | 6 ++++-- .../roles/templates/syncproxy/rsyncd.conf.erb | 8 ++++---- 5 files changed, 23 insertions(+), 36 deletions(-) diff --git a/modules/roles/files/dakmaster/rsyncd.conf b/modules/roles/files/dakmaster/rsyncd.conf index 7c154f0c8..ddfec04ef 100644 --- a/modules/roles/files/dakmaster/rsyncd.conf +++ b/modules/roles/files/dakmaster/rsyncd.conf @@ -6,39 +6,31 @@ socket options = SO_KEEPALIVE timeout = 7200 log file = /var/log/rsyncd/rsyncd.log +list = no +read only = true +ignore nonreadable = true +strict modes = false + [indices] path = /srv/ftp-master.debian.org/mirror/ftp-master/indices - list = no auth users = * - read only = true secrets file = /etc/rsyncd/indices.secrets [debian] path = /srv/ftp-master.debian.org/mirror/ftp-master - list = no auth users = * - read only = true secrets file = /home/archvsync/rsyncd/debian.secrets - strict modes = false [debian-debug] path = /srv/ftp-master.debian.org/mirror/debian-debug auth users = * - read only = true secrets file = /home/archvsync/rsyncd/debian-debug.secrets - strict modes = false - list = no [buildd-keyrings] path = /srv/ftp-master.debian.org/scripts/builddkeyrings/keyrings - read only = true - list = no hosts allow = 82.195.75.106, 2001:41b8:202:deb:216:36ff:fe40:3906 [debian-buildd-dists] path = /srv/static.debian.org/master/incoming.debian.org-current-live/debian-buildd/dists - read only = true - list = no auth users = * secrets file = /home/archvsync/rsyncd/debian-buildd-dists.secrets - strict modes = false diff --git a/modules/roles/files/ports_master/rsyncd.conf b/modules/roles/files/ports_master/rsyncd.conf index 0510b8248..699f928de 100644 --- a/modules/roles/files/ports_master/rsyncd.conf +++ b/modules/roles/files/ports_master/rsyncd.conf @@ -7,19 +7,17 @@ reverse lookup = false timeout = 7200 log file = /var/log/rsyncd/rsyncd-ports-master.log +list = no +read only = true +ignore nonreadable = true +strict modes = false + [debian-ports] path = /srv/ports-master.debian.org/ftp/debian-ports - list = no auth users = * - read only = true - ignore nonreadable = true secrets file = /home/archvsync/rsyncd/debian-ports.secrets - strict modes = false [debian-ports-cd] path = /srv/ports-master.debian.org/ftp/debian-ports-cd - list = no auth users = * - read only = true secrets file = /home/archvsync/rsyncd/debian-ports-cd.secrets - strict modes = false diff --git a/modules/roles/files/security_master/rsyncd.conf b/modules/roles/files/security_master/rsyncd.conf index e7de8c8aa..c944fd185 100644 --- a/modules/roles/files/security_master/rsyncd.conf +++ b/modules/roles/files/security_master/rsyncd.conf @@ -6,27 +6,22 @@ socket options = SO_KEEPALIVE timeout = 7200 log file = /var/log/rsyncd/rsyncd.log +list = no +read only = true +ignore nonreadable = true +strict modes = false + [debian-security] path = /srv/security.debian.org/archive/debian-security/ - list = no auth users = * - read only = true secrets file = /home/archvsync/rsyncd/debian-security.secrets - strict modes = false - list = no [debian-security-buildd-dists] path = /srv/security-master.debian.org/buildd/debian-security-buildd/dists - read only = true - list = no auth users = * secrets file = /home/archvsync/rsyncd/debian-security-buildd-dists.secrets - strict modes = false [debian-security-buildd-pool] path = /srv/security-master.debian.org/buildd/debian-security-buildd/pool - read only = true - list = no auth users = * secrets file = /home/archvsync/rsyncd/debian-security-buildd-pool.secrets - strict modes = false diff --git a/modules/roles/files/security_mirror/rsyncd.conf b/modules/roles/files/security_mirror/rsyncd.conf index 353f359c2..47f1f1c11 100644 --- a/modules/roles/files/security_mirror/rsyncd.conf +++ b/modules/roles/files/security_mirror/rsyncd.conf @@ -8,8 +8,10 @@ timeout = 1200 # weasel 2007-11-19 log file = /var/log/rsyncd/rsyncd-security.log +read only = true +ignore nonreadable = true +strict modes = false + [debian-security] path = /srv/ftp.root/debian-security comment = Debian security archive - read only = true - diff --git a/modules/roles/templates/syncproxy/rsyncd.conf.erb b/modules/roles/templates/syncproxy/rsyncd.conf.erb index 39673a70e..1ee5a7b17 100644 --- a/modules/roles/templates/syncproxy/rsyncd.conf.erb +++ b/modules/roles/templates/syncproxy/rsyncd.conf.erb @@ -8,6 +8,10 @@ timeout = 7200 # weasel 2007-11-19 log file = /var/log/rsyncd/rsyncd-syncproxy.log +read only = true +ignore nonreadable = true +strict modes = false + [debian] path = /srv/mirrors/debian/ <%- unless has_variable?("has_srv_mirrors_debian") && has_srv_mirrors_debian == "true" -%> @@ -15,7 +19,6 @@ log file = /var/log/rsyncd/rsyncd-syncproxy.log <%- end -%> comment = Full Debian FTP Archive (contact mirrors@debian.org for access; see https://www.debian.org/mirror/size for size) auth users = * - read only = true secrets file = /etc/rsyncd/debian.secrets [debian-debug] @@ -25,7 +28,6 @@ log file = /var/log/rsyncd/rsyncd-syncproxy.log <%- end -%> comment = Debug packages. Probably large. Starting end of 2015. auth users = * - read only = true secrets file = /etc/rsyncd/debian.secrets [debian-ports] @@ -35,7 +37,6 @@ log file = /var/log/rsyncd/rsyncd-syncproxy.log <%- end -%> comment = debian-ports tree - see https://www.ports.debian.org/ auth users = * - read only = true secrets file = /etc/rsyncd/debian.secrets [debian-security] @@ -45,6 +46,5 @@ log file = /var/log/rsyncd/rsyncd-syncproxy.log <%- end -%> comment = Debian security archive (~100 GB; contact mirrors@debian.org for access) auth users = * - read only = true secrets file = /etc/rsyncd/debian.secrets -- 2.20.1